<?php
# ============================================================================
# 版权所有  Chilcoo.com，并保留所有权利。
# 网站地址: http://www.chilcoo.com/erphp
# ----------------------------------------------------------------------------
# 这不是一个自由软件！你不能通过任何方式破解本软件.
# 使用:不允许对程序代码以任何形式任何目的的再发布。
# ============================================================================
# $Author: Chilcoo Inc. *
# $Official website : www.chilcoo.com
# 
# 文件信息:
# File : /homepage/news.php
// Report fatal errors, warnings and parse errors only (notices are left out).
error_reporting(E_PARSE | E_WARNING | E_ERROR);
// Load the shared bootstrap, then the manager login include.
// NOTE(review): what login.inc.php enforces (session check, page-level check) is not
// visible from this file; confirm it rejects unauthenticated requests before any
// code below runs.
require_once dirname(__FILE__) . '/../../include/common.inc.php';
require_once dirname(__FILE__) . '/../../include/_manager/login.inc.php';
// Access level for this page.
// NOTE(review): this is assigned after login.inc.php has already been included; if that
// include reads the level at load time the value is not set yet. Confirm where it is consumed.
$conf_web_page_level = 60;

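/**
 * Manager page for the cs2_hnews table: lists entries for the template and
 * handles the add / update / delete requests posted back by the page.
 *
 * Every value read from $_POST is treated as untrusted input.
 */
class page_index  extends page{
	/**
	 * Opens the database connection from the config constants and resets the list cache.
	 */
	public function __construct(){
		$this->database = new db(config::conf_db_host,config::conf_db_user,
			config::conf_db_password,config::conf_db_name);
		$this->listview = array();
	}

	/**
	 * Counts the rows in cs2_hnews.
	 *
	 * @return mixed The COUNT(*) value as returned by the db layer, or null when the
	 *               query throws or yields no row.
	 */
	public function len(){
		try{
			$rows = $this->database->select("
				SELECT COUNT(*) AS cnt
				FROM cs2_hnews;");
		}catch (Exception $e) {
			return null;
		}
		// Guarded lookup: indexing a null/false result would raise a warning on newer PHP,
		// and E_WARNING is enabled for this page.
		return isset($rows[0]['cnt']) ? $rows[0]['cnt'] : null;
	}

	/**
	 * Fetches all news entries joined with their author, newest first.
	 *
	 * @return mixed Whatever the db layer's select() returns, or null when it throws.
	 */
	public function listview(){
		try{
			return $this->database->select("
				SELECT hnewsId, title, contents, dates, cs2_admin.adminId, cs2_admin.name
				FROM cs2_hnews LEFT JOIN cs2_admin
				ON cs2_hnews.adminId = cs2_admin.adminId
				ORDER BY cs2_hnews.dates DESC;");
		}catch (Exception $e) {
			return null;
		}
	}

	/**
	 * Dispatches a POSTed add / update / delete request for cs2_hnews.
	 *
	 * The action is selected by the 'token' field, compared against the
	 * config::TOKEN_*_HNEWS constants. Both sides are compared as strings with ===,
	 * so a missing, empty or non-scalar token never matches through type juggling.
	 *
	 * NOTE(review): no per-session anti-forgery value is checked in this method;
	 * confirm the included login code covers that for state-changing POSTs.
	 *
	 * @return string JSON object with a "ref" field: "OK", "error" (request rejected)
	 *                or "error,database." (the db layer threw).
	 */
	public function ajax_callback(){
		# Default response
		$json = array("ref"=>"error");

		$token = '';
		if(isset($_POST['token']) && is_scalar($_POST['token'])){
			$token = (string)$_POST['token'];
		}
		if($token === ''){
			return json_encode($json);
		}

		if($token === (string)config::TOKEN_ADD_HNEWS){
			$json = $this->hnews_add();
		}
		if($token === (string)config::TOKEN_UP_HNEWS){
			$json = $this->hnews_update();
		}
		if($token === (string)config::TOKEN_DEL_HNEWS){
			$json = $this->hnews_delete();
		}
		return json_encode($json);
	}

	/**
	 * Inserts a news entry from the posted title / contents / dates / adminId.
	 *
	 * @return array Response array for ajax_callback().
	 */
	private function hnews_add(){
		$title = $this->hnews_post_text('title');
		$contents = $this->hnews_post_text('contents');
		$dates = $this->hnews_post_date('dates');
		// NOTE(review): the author id comes from the request body, so the recorded author
		// is whatever the client sends; presumably it should be taken from the logged-in
		// session instead. Confirm against the login include.
		$adminId = $this->hnews_post_id('adminId');
		if($title === null || $contents === null || $dates === null || $adminId === null){
			return array("ref"=>"error");
		}

		// $dates and $adminId are allow-list validated above and cannot leave their SQL context.
		// NOTE(review): $title and $contents are still concatenated into quoted literals as
		// received. The db class API is not visible from this file, so no binding or escaping
		// call is used here; move these two values to the db layer's parameter binding (or its
		// driver-level escaping). Whether common.inc.php pre-escapes $_POST is also not visible.
		$sql = "INSERT INTO cs2_hnews (title, contents, dates, adminId) 
			VALUES ('".$title."','".$contents."','".$dates."',".$adminId.");";
		try {
			$this->database->insert($sql);
			return array("ref"=>"OK");
		} catch (Exception $e) {
			return array("ref"=>"error,database.");
		}
	}

	/**
	 * Updates the news entry identified by the posted hnewsId.
	 *
	 * @return array Response array for ajax_callback().
	 */
	private function hnews_update(){
		$title = $this->hnews_post_text('title');
		$contents = $this->hnews_post_text('contents');
		$dates = $this->hnews_post_date('dates');
		// NOTE(review): client-supplied author id, see hnews_add().
		$adminId = $this->hnews_post_id('adminId');
		$hnewsId = $this->hnews_post_id('hnewsId');
		if($title === null || $contents === null || $dates === null
			|| $adminId === null || $hnewsId === null){
			return array("ref"=>"error");
		}

		// Numeric ids and the date are validated; an unvalidated hnewsId here would let
		// the WHERE clause be rewritten to match other rows.
		// NOTE(review): $title and $contents still need binding/escaping through the db
		// layer, whose API is not visible from this file.
		$sql = "UPDATE cs2_hnews SET 
				title='".$title."', contents='".$contents."', dates='".$dates."', adminId=".$adminId ."
			 WHERE (hnewsId =". $hnewsId.");";

		try {
			// The original code issues the UPDATE through insert(); kept as is.
			$this->database->insert($sql);
			return array("ref"=>"OK");
		} catch (Exception $e) {
			return array("ref"=>"error,database.");
		}
	}

	/**
	 * Deletes the news entry identified by the posted hnewsId.
	 *
	 * @return array Response array for ajax_callback().
	 */
	private function hnews_delete(){
		$hnewsId = $this->hnews_post_id('hnewsId');
		if($hnewsId === null){
			// Without this check a non-numeric value could widen the DELETE to other rows.
			return array("ref"=>"error");
		}
		$sql = "DELETE FROM cs2_hnews WHERE (cs2_hnews.hnewsId=".$hnewsId.")";
		try {
			$this->database->delete($sql);
			// The stray "name" element is kept so the response stays byte-compatible
			// for existing clients; it looks like a leftover.
			return array("ref"=>"OK","name");
		} catch (Exception $e) {
			return array("ref"=>"error,database.");
		}
	}

	/**
	 * Reads a POST field that must be an unsigned decimal id.
	 *
	 * @param string $key POST field name.
	 * @return string|null The digit string (1 to 18 digits), or null if missing or malformed.
	 */
	private function hnews_post_id($key){
		if(!isset($_POST[$key]) || !is_string($_POST[$key])){
			return null;
		}
		$value = trim($_POST[$key]);
		return preg_match('/\A[0-9]{1,18}\z/', $value) === 1 ? $value : null;
	}

	/**
	 * Reads a POST field holding a date or date-time.
	 *
	 * This is a character allow-list, not a calendar check: only digits, 'T', 'Z' and
	 * common date/time separators pass, so the value cannot terminate the quoted SQL
	 * literal it is placed in. An empty value is still passed through.
	 *
	 * @param string $key POST field name.
	 * @return string|null The trimmed value, or null if missing or containing other characters.
	 */
	private function hnews_post_date($key){
		if(!isset($_POST[$key]) || !is_string($_POST[$key])){
			return null;
		}
		$value = trim($_POST[$key]);
		return preg_match('/\A[0-9TZ :\/.+\-]{0,32}\z/', $value) === 1 ? $value : null;
	}

	/**
	 * Reads a free-text POST field, rejecting missing and array-valued parameters.
	 *
	 * The text itself is returned unmodified; it is not made safe for SQL or HTML here.
	 *
	 * @param string $key POST field name.
	 * @return string|null The raw string, or null if the field is missing or not a string.
	 */
	private function hnews_post_text($key){
		if(!isset($_POST[$key]) || !is_string($_POST[$key])){
			return null;
		}
		return $_POST[$key];
	}
}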
$pg = new page_index();
// POST requests are treated as AJAX calls; every other method renders the page.
// NOTE(review): the session value written on the render branch is not compared against
// anything on the POST branch in this file. Confirm the login include (or the page base
// class) validates it, otherwise no anti-forgery check is visible for these
// state-changing requests.
if($_SERVER['REQUEST_METHOD'] == 'POST'){
	// ajax_callback() returns the JSON text; it is written out as is.
	echo $pg->ajax_callback();
}else{
	$_SESSION[config::conf_session_id_token] = $config->web_page_period;
	// Template variables: today's date, row count and the full news list.
	$config->smarty->assign('DATENOW', date("Y-m-d"));
	$config->smarty->assign('len', $pg->len());
	$config->smarty->assign('listview', $pg->listview());
	$pg->render($config->temp_page_path . config::conf_web_template_extension);
}



?>